Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/lTonWzXAeTGPKmw4UgRBmxd1xfk.roa
File: lTonWzXAeTGPKmw4UgRBmxd1xfk.roa (raw, json)
Hash identifier: zsuR85fUTKXf0eou6SL9Ji2uXvOS9geMR8xZFqS31E8=
Subject key identifier: 95:3A:27:5B:35:C0:79:31:8F:2A:6C:38:52:04:41:9B:17:75:C5:F9
Certificate issuer: /CN=297364f502534e8771a0c6259794c26e26d4bca4
Certificate serial: 04CE7EA6
Authority key identifier: 29:73:64:F5:02:53:4E:87:71:A0:C6:25:97:94:C2:6E:26:D4:BC:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/lTonWzXAeTGPKmw4UgRBmxd1xfk.roa
Signing time: Sat 01 Jan 2022 15:05:53 +0000
ROA not before: Sat 01 Jan 2022 15:05:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206283
IP address blocks: 185.26.26.0/23 maxlen: 23
2a02:f401::/32 maxlen: 32
2a02:f406:fe50::/48 maxlen: 48
2a02:f402::/32 maxlen: 32
2a02:f403::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80641702 (0x4ce7ea6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297364f502534e8771a0c6259794c26e26d4bca4
Validity
Not Before: Jan 1 15:05:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=953a275b35c079318f2a6c385204419b1775c5f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d2:ed:99:cc:ee:c2:2f:33:a3:b1:5d:34:72:
e7:b4:f2:d3:5b:3e:86:27:f0:96:a1:71:ce:ad:b2:
f0:ef:cf:97:1b:a0:f9:b9:87:74:69:86:9b:22:1c:
43:b8:fe:49:93:0f:5c:8b:c2:9f:32:71:3e:22:24:
34:82:ac:5b:20:97:2d:b0:20:18:2e:a8:4a:3d:a8:
c0:35:d7:9c:d2:3c:e6:85:fc:24:76:98:5d:bd:a8:
d1:da:41:38:94:fd:0d:5c:1c:32:51:77:d6:60:60:
fe:f8:a2:6c:fa:26:04:77:f0:c8:e8:1c:7e:21:c1:
a7:71:79:97:ee:21:5c:2d:0f:f5:d3:dc:05:1c:50:
29:25:15:eb:63:8e:39:c8:78:29:f8:a2:8d:80:b1:
58:3f:33:b2:ef:f4:2b:8c:d2:30:9d:fc:c5:36:21:
d4:45:82:d2:f1:d1:db:fa:b7:ac:2c:6b:11:cf:48:
4e:4c:4f:f0:55:a9:81:74:06:8e:28:23:e5:f0:32:
07:dd:10:eb:59:41:31:98:08:85:8b:7d:54:2b:dd:
15:31:15:86:eb:b8:7b:72:57:87:21:41:67:b8:87:
f1:79:b8:d9:02:b3:6a:a2:b7:c3:fc:d7:55:b9:36:
8b:6b:a4:d4:0b:ec:e2:34:06:36:a6:a0:dd:f4:93:
3e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:3A:27:5B:35:C0:79:31:8F:2A:6C:38:52:04:41:9B:17:75:C5:F9
X509v3 Authority Key Identifier:
keyid:29:73:64:F5:02:53:4E:87:71:A0:C6:25:97:94:C2:6E:26:D4:BC:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/lTonWzXAeTGPKmw4UgRBmxd1xfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.26.26.0/23
IPv6:
2a02:f401::-2a02:f403:ffff:ffff:ffff:ffff:ffff:ffff
2a02:f406:fe50::/48
Signature Algorithm: sha256WithRSAEncryption
9b:90:b0:d9:09:87:01:b2:67:0e:30:25:94:7d:c1:23:48:8a:
c5:ba:e8:ed:14:d4:9d:83:ac:42:9d:a3:f3:79:9d:6a:04:24:
97:ad:85:fb:55:19:03:86:93:67:90:8c:f7:2e:55:c3:28:5c:
3b:0f:c0:9b:7d:c0:30:99:1f:ab:4d:8e:53:b8:af:5f:b3:56:
eb:5c:84:7a:5e:ea:1b:a0:b8:b0:4e:08:13:a3:b6:88:e7:b6:
b2:34:e6:13:1e:ec:7a:2d:6e:09:6c:3d:86:d7:84:ee:34:a2:
35:18:9c:4c:40:a7:b0:27:10:73:8b:10:75:17:cf:5f:9f:1e:
2f:1c:7e:29:07:9f:b1:93:0a:68:a9:c6:37:b6:ce:1f:f6:61:
bc:dc:b0:4a:34:26:32:08:2f:29:b9:cf:92:6f:45:88:35:d1:
08:0e:b5:0b:02:ee:08:a8:e2:ca:e6:a8:1c:73:ca:4b:6c:71:
56:b5:2e:b5:f6:36:32:99:9e:87:a2:a7:3e:56:9d:52:f5:f4:
b5:94:c7:1e:e6:f2:86:b0:81:47:3b:30:de:31:23:d5:c9:0a:
7d:fe:0f:b5:bf:53:d3:97:1e:7a:d3:a0:b7:f4:29:fd:04:ea:
85:de:65:37:30:af:c8:06:db:05:17:f8:57:c3:12:fd:55:51:
0c:09:db:23
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEBM5+pjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTczNjRmNTAyNTM0ZTg3NzFhMGM2MjU5Nzk0YzI2ZTI2ZDRiY2E0MB4XDTIyMDEw
MTE1MDU1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTUzYTI3NWIzNWMw
NzkzMThmMmE2YzM4NTIwNDQxOWIxNzc1YzVmOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJXS7ZnM7sIvM6OxXTRy57Ty01s+hifwlqFxzq2y8O/Plxug
+bmHdGmGmyIcQ7j+SZMPXIvCnzJxPiIkNIKsWyCXLbAgGC6oSj2owDXXnNI85oX8
JHaYXb2o0dpBOJT9DVwcMlF31mBg/viibPomBHfwyOgcfiHBp3F5l+4hXC0P9dPc
BRxQKSUV62OOOch4KfiijYCxWD8zsu/0K4zSMJ38xTYh1EWC0vHR2/q3rCxrEc9I
TkxP8FWpgXQGjigj5fAyB90Q61lBMZgIhYt9VCvdFTEVhuu4e3JXhyFBZ7iH8Xm4
2QKzaqK3w/zXVbk2i2uk1Avs4jQGNqag3fSTPlkCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBSVOidbNcB5MY8qbDhSBEGbF3XF+TAfBgNVHSMEGDAWgBQpc2T1AlNOh3Gg
xiWXlMJuJtS8pDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tYTms5UUpUVG9keG9NWWxsNVRDYmliVXZLUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvMDQ1ODIwLTM1NDYtNDA3Yy04M2E1LTBhMGYzZTc4YTQ5My8x
L2xUb25XelhBZVRHUEttdzRVZ1JCbXhkMXhmay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
MDQ1ODIwLTM1NDYtNDA3Yy04M2E1LTBhMGYzZTc4YTQ5My8xL0tYTms5UUpUVG9k
eG9NWWxsNVRDYmliVXZLUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wDAQCAAEwBgMEAbkaGjAfBAIAAjAZMA4DBQAqAvQB
AwUCKgL0AAMHACoC9Ab+UDANBgkqhkiG9w0BAQsFAAOCAQEAm5Cw2QmHAbJnDjAl
lH3BI0iKxbro7RTUnYOsQp2j83mdagQkl62F+1UZA4aTZ5CM9y5VwyhcOw/Am33A
MJkfq02OU7ivX7NW61yEel7qG6C4sE4IE6O2iOe2sjTmEx7sei1uCWw9hteE7jSi
NRicTECnsCcQc4sQdRfPX58eLxx+KQefsZMKaKnGN7bOH/ZhvNywSjQmMggvKbnP
km9FiDXRCA61CwLuCKjiyuaoHHPKS2xxVrUutfY2Mpmeh6KnPladUvX0tZTHHuby
hrCBRzsw3jEj1ckKff4Ptb9T05ceetOgt/Qp/QTqhd5lNzCvyAbbBRf4V8MS/VVR
DAnbIw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:09 2024 by rpki-client on console-ams.rpki-client.org